[Prev] Thread [Next]  |  [Prev] Date [Next]

Re: Need to clarfiy how to implement spamtrap address checking & discard with before-queue filtering. Noel Jones Thu Feb 23 15:00:13 2012

On 2/23/2012 3:55 PM, [EMAIL PROTECTED] wrote:
> Hello Noel,
> On Thu, Feb 23, 2012, at 03:31 PM, Noel Jones wrote:
>> (sorry, had to work for a while)
> No worries.  Nice to have someone reasonable to chat with.  Bit of a dry
> spell on that.  It's appreciated.
>> On 2/23/2012 2:58 PM, [EMAIL PROTECTED] wrote:
>> Ah, a different server.  Important infomation (or maybe I missed it...).
> Easy to miss.  Fwiw, as originally @
>   http://marc.info/?l=postfix-users&m=133002076514425&w=2
> my sendmail 'send' was sent from to postfix listening @
> "inet_interfaces =".
> Clearly mistakenly having presumed that that's clear enough, I called it
> out specifically only recently in response to the lashings.
>>>     Feb 23 11:51:52 desk postfix/smtp[20627]: 986C040083:
>>>     to=<[EMAIL PROTECTED]>,
>>>     relay=mail.rogermail.lan[]:25, delay=0.3,
>>>     delays=0.21/0/0.03/0.06, dsn=5.1.1, status=bounced (host
>>>     mail.rogermail.lan[] said: 550 5.1.1
>>>     <[EMAIL PROTECTED]>: Recipient address rejected: User
>>>     unknown in virtual mailbox table (in reply to RCPT TO command))
>> This is the error you need to get rid of.  The spamtrap user must be
>> accepted for the downstream listener to use it to trigger the DISCARD.
>> If you add the spam@ user to your local storage all will be well.
> Aha, I think ...
> So IIUC, I need to RE-add the list of spamtraps in the has table as
> valid users (removed as valid after known to be compromised ...) so
> that, rather than being off-hand rejected as an unkonw/non-existent
> [EMAIL PROTECTED], the multiple-recipient message gets carried through far
> enought to get to where that DISCARD check+action is valid?
> Is that approaching correct?

Yes, that is the intent.  The recipient must be accepted to get to
the post-filter DISCARD.

> If so, then I assume that I leave only postscreen listening at the
> 'real' external address, and the spamtrap address check shoud remaing
> associated with the reinjection listener, as you'd
> previously advised?

Yes, the check for the spamtrap recipient must be in the listener for DISCARD to work.

  -- Noel Jones